A massive MongoDB database was found that exposed over 275 million Indian citizens and contained very detailed personal information. The exposed information contained names, genders, dates of birth, email addresses, phone numbers, educational and professional information, and current salaries of the affected citizens. The data was hosted on Amazon.com servers and was found to have no encryption or password protection. Researchers were unable to find who owned the leaky database. Shortly after finding the exposed database, a hacker group called the “Unistellar” group had copied that database, deleted it and left a note stating “Restore? Contact: unistellar@hotmail[.]com.” Since the database did not have any protection protocols in place, anyone could assume ownership of the data and set administrator privileges for themselves.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is